EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
• Jasmin Landry
• JR0ch17
• Lead, IT & Security at
• Montreal Canadiens fan

GET /agenda HTTP/2
• EASM
• Common mistakes
• Hacker perspective

GET /EASM HTTP/2
• What exactly is EASM?
• What does it cover?
• Why is it important?

GET /common_mistakes HTTP/2
• Lack of Change Management
• Not respecting Least Privilege
• Misconfigured WAFs
• Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and